CN103036897A - Communication method based on long distance desktop connection between thin client-side and server-side - Google Patents
Communication method based on long distance desktop connection between thin client-side and server-side Download PDFInfo
- Publication number
- CN103036897A CN103036897A CN201210560180XA CN201210560180A CN103036897A CN 103036897 A CN103036897 A CN 103036897A CN 201210560180X A CN201210560180X A CN 201210560180XA CN 201210560180 A CN201210560180 A CN 201210560180A CN 103036897 A CN103036897 A CN 103036897A
- Authority
- CN
- China
- Prior art keywords
- encryption
- server
- unit
- message
- desktop connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004891 communication Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 title claims abstract description 16
- 238000012545 processing Methods 0.000 claims description 17
- 230000005540 biological transmission Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
Images
Landscapes
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a communication method based on a long distance desktop connection between a thin client-side and a server-side. The thin client-side and the server-side are provided with a function of long distance desktop connection, the thin client-side is further provided with an encryption unit which is additionally arranged, wherein the encryption unit is provided with one or a plurality of encryption algorithms which fit in with a specific requirement. The communication method based on the long distance desktop connection between the thin client-side and the server-side includes calling the encryption unit to use encryption algorithms to encrypt a message which is to be sent to the server-side when the thin client-side is conducting a communication based on the long distance desktop connection with the server-side, and the thin client-side uses the function of the long distance desktop connection to send the encrypted message to the server-side. Correspondingly, the invention further discloses client-side equipment used for long distance desktop connection. The communication method based on the long distance desktop connection between the thin client-side and the server-side is capable of improving safety of the long distance desktop connection between the thin client-side and the server-side.
Description
Technical Field
The invention relates to the technical field of computer communication, in particular to a communication method based on remote desktop connection between a thin client and a server and a client device for remote desktop connection.
Background
In recent years, web-based remote desktop monitoring and control technologies have been greatly developed. For example, after one computing device a starts the remote desktop connection function, the user may control the computing device a through the remote desktop connection function on another technical device B on the network, that is, the computing device a may be operated in real time through the remote desktop connection function.
Using the remote desktop connection function, computing device a may view the contents of the desktop of computing device B, and may also use the keyboard mouse local to computing device a to control the desktop of remote computing device B, just as using the keyboard mouse local to computing device B.
The existing Thin Client (Thin Client) and the server transmit data through a Remote Display Protocol (RDP) or a Virtual Network Computing (VNC), and the encryption transmission technology is integrated inside the remote connection software, so that a user cannot select the encryption transmission technology, the security of a data encryption key cannot be guaranteed, and no backdoor exists.
Disclosure of Invention
The technical problem to be solved by the invention is to provide higher security for the remote desktop connection between the thin client and the server.
According to an aspect of the present invention, there is provided a communication method between a thin client and a server based on a remote desktop connection, the thin client and the server being configured with a remote desktop connection function, the thin client further having an encryption unit additionally provided, wherein the encryption unit is configured with one or more encryption algorithms meeting specific requirements, comprising:
when the thin client terminal carries out communication based on remote desktop connection with a server terminal, calling an encryption unit to encrypt a message to be sent to the server terminal by using an encryption algorithm;
and the thin client sends the encrypted message to the server side by using the remote desktop connection function.
In an alternative embodiment, the thin client receives an indication of a user selection of one of the plurality of encryption algorithms through its encryption control interface;
the thin client side calls an encryption unit to encrypt a message to be sent to the server side by using an encryption algorithm, and the encryption unit comprises: and the thin client calls an encryption unit to encrypt the message to be sent to the server by using a corresponding encryption algorithm according to the selection instruction.
In an alternative embodiment, the thin client transmitting the encrypted message to the server side using a remote desktop connection function includes: and the thin client sends the encrypted message to the server through a Remote Display Protocol (RDP) or a virtual network computing protocol (VNC).
According to another aspect of the present invention, there is provided a client device for remote desktop connection, the client device including a processing unit, a remote desktop connection unit, an encryption unit, and a transmission unit, wherein:
the processing unit is used for generating a message to be sent to the server side when the communication based on the remote desktop connection between the processing unit and the server side is carried out;
the encryption unit is configured with one or more encryption algorithms meeting specific requirements and used for encrypting the message to be sent to the server side by using the encryption algorithms;
the processing unit is further configured to call the remote desktop connection unit to send the encrypted message to the server by using a remote desktop connection function.
In an optional embodiment, the encryption unit further comprises an encryption control unit, configured to provide an encryption control interface, and receive, through the encryption control interface, an indication of a user's selection of one of the plurality of encryption algorithms;
the encrypting unit encrypting the message to be sent to the server side by using an encryption algorithm includes: and the encryption unit encrypts the message to be sent to the server by using a corresponding encryption algorithm according to the selection instruction.
In an optional embodiment, the invoking, by the processing unit, the remote desktop connection unit to send the encrypted message to the server using a remote desktop connection function includes: and the processing unit sends the encrypted message to the server side through a Remote Display Protocol (RDP) or a virtual network computing protocol (VNC).
In an alternative embodiment, the encryption unit is arranged inside the client device. In a further embodiment, the encryption unit is provided within the remote desktop connection unit.
In an optional embodiment, the encryption unit is disposed outside the client device and is independent from the client device, and the encryption unit is connected to the client device through a USB interface, a PCI interface, or a PCI-E interface.
In an optional embodiment, the client device further comprises: and the decryption unit is used for decrypting the received message from the server side, wherein the message from the server side is the message which is encrypted by the server side by using an encryption algorithm with specific requirements.
In an optional embodiment, the client device further comprises: and the decryption unit is used for decrypting the received message from the server side, wherein the message from the server side is the message which is encrypted by the server side by using one of a plurality of encryption algorithms with specific requirements.
The encryption unit is additionally arranged on the thin client side, and the message is encrypted before the thin client side sends the message to the server side by using the remote desktop connection function. Because the encryption algorithm configured in the encryption unit is a specific algorithm, not a general international encryption technology, in general, a malicious user can hardly decrypt the message encrypted by the encryption unit, so that the security can be improved for the remote desktop connection between the thin client and the server.
Drawings
Fig. 1 is a flowchart illustrating a communication method between a thin client and a server based on a remote desktop connection according to an embodiment of the present invention.
FIG. 2 is a schematic block diagram of a client device for remote desktop connection in accordance with an embodiment of the present invention.
Detailed Description
The following describes embodiments of the present invention in detail with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating a communication method between a thin client and a server based on a remote desktop connection according to an embodiment of the present invention.
In the embodiment of the invention, the thin client and the server are both provided with remote desktop connection functions. The thin client also has an additionally provided encryption unit, wherein the encryption unit is configured with one or more encryption algorithms meeting specific requirements.
In the embodiment of the present invention, the thin client refers to a computer terminal which is substantially not required to install an application program in a client-server network system. It communicates with the server end through some protocols and then enters the local area network.
As shown in fig. 1, a method for communication between a thin client and a server includes:
s101, when the thin client terminal communicates with a server terminal based on remote desktop connection, an encryption unit is called to encrypt a message to be sent to the server terminal by using an encryption algorithm;
and S201, the thin client sends the encrypted message to the server side by using a remote desktop connection function.
In an embodiment of the present invention, the thin client may invoke the encryption unit to encrypt the message using a pre-configured encryption algorithm that meets specific requirements when preparing to initiate transmission of the message for establishing the remote desktop connection to the server and when preparing to send the message (typically containing control instructions or data information) to the server after establishing the remote desktop connection.
This is because when the thin client communicates with the server side using the remote desktop connection function, the thin client typically uses the RDP protocol or the VNC protocol to perform communication therebetween, but the security of the data encryption key cannot be guaranteed by the existing transport encryption technology in the RDP protocol or the VNC protocol. In addition, the encryption algorithm used by the transmission encryption technology in the international standard protocols is inconsistent with the encryption algorithm required by the encryption standard established in china, so that when the thin client and the server communicate with each other, in order to enable the server to analyze the received message from the thin client and meet the encryption standard established in china, the transmission encryption technology in the protocols may not be available when the VNC protocol or the RDP protocol is used for communication, thereby causing unsafe data transmission.
Therefore, in the embodiment of the invention, the thin client is additionally provided with the encryption unit, and one or more encryption methods can be configured in the encryption unit. These encryption algorithms conform to the encryption algorithm standards established in china. In an alternative embodiment, the thin client may first call an encryption algorithm to encrypt a message before sending any message to the server, and then send the encrypted message to the server, for example, the message may include a message sent by the thin client to the server to establish a remote desktop connection, and a message sent by the thin client to the server after establishing a remote desktop connection with the server to include a control instruction or data information. In another alternative embodiment, the thin client terminal can call an encryption algorithm to encrypt the message sent to the server after the remote desktop connection is established with the server terminal, and then send the encrypted message to the server terminal.
In an alternative embodiment, the thin client is further provided with an encryption control unit, and the encryption control unit can be a part of the encryption unit or can be independent from the encryption unit. The encryption control unit can provide an encryption control interface to the display unit of the thin client. Thus, the user can select one encryption algorithm from a plurality of encryption algorithms which are configured in the thin client and meet the encryption requirements set by China for use in communication based on the remote desktop connection. At this time, the encryption control unit receives a selection instruction of which encryption algorithm to use through the encryption control interface, and sends the selection instruction to the encryption unit. The encryption unit may encrypt the message using a corresponding encryption algorithm in accordance with the received selection indication. Then, the thin client transmits the encrypted message to the server side using the remote desktop connection function.
Accordingly, the server side may be configured with a decryption unit corresponding to the encryption unit to decrypt a message received from the thin client side. Further, the thin client is also provided with a decryption unit. And after the server side encrypts the message by adopting an encryption algorithm meeting the encryption requirement formulated by China, sending the encrypted message to the thin client side. The thin client can call a decryption unit to decrypt the message sent by the server. Those skilled in the art will appreciate that the encryption algorithms configured in the encryption units of the thin client and the server side are recognizable and processable by the decryption units of the server side and the thin client.
FIG. 2 is a schematic block diagram of a client device for remote desktop connection in accordance with an embodiment of the present invention. As shown in fig. 2, the client device includes a processing unit 101, a remote desktop connection unit 103, and an encryption unit 105.
The processing unit 101 is configured to generate a message to be sent to the server when performing communication based on a remote desktop connection with the server. The encryption unit 105 is configured with one or more encryption algorithms that meet specific requirements. The encryption unit 105 is configured to encrypt a message to be sent to the server side using an encryption algorithm. The processing unit 101 is further configured to invoke the remote desktop connection unit 103 to send the encrypted message to the server side using the remote desktop connection function.
In an alternative embodiment, the encryption unit 105 is configured to provide an encryption control interface and receive an indication of a user selection of one of the plurality of encryption algorithms via the encryption control interface. In an alternative embodiment, the encryption unit 105 encrypts the message to be sent to the server using the corresponding encryption algorithm according to the selection indication.
In an alternative embodiment, the processing unit 101 invokes the remote desktop connection unit 103 to send the encrypted message to the server side using the remote desktop connection function, including the processing unit 101 sending the encrypted message to the server side through a remote display protocol RDP or a virtual network computing protocol VNC.
In an embodiment, the encryption unit is arranged inside the client device. Alternatively, the encryption unit may be provided within the remote desktop connection unit. Alternatively, the encryption unit may be disposed in the client device, independent of and connected to the remote desktop connection unit. In another embodiment, the encryption unit 105 is external to the client device and is independent from the client device, wherein the encryption unit 105 is connected to the client device through a USB interface, a PCI interface, or a PCI-E interface.
In an optional embodiment, the client device further comprises: and the decryption unit is used for decrypting the received message from the server side. The message from the server side is the message encrypted by the server side by using an encryption algorithm with specific requirements. Or the message from the server side is the message encrypted by the server side by using one of a plurality of encryption algorithms with specific requirements.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (10)
1. A communication method based on remote desktop connection between a thin client and a server, wherein the thin client and the server are configured with remote desktop connection function, the thin client further has an additional encryption unit, and the encryption unit is configured with one or more encryption algorithms meeting specific requirements, and the method comprises the following steps:
when the thin client terminal carries out communication based on remote desktop connection with a server terminal, calling an encryption unit to encrypt a message to be sent to the server terminal by using an encryption algorithm;
and the thin client sends the encrypted message to the server side by using the remote desktop connection function.
2. The communication method according to claim 1, wherein the thin client receives an indication of a user's selection of one of the plurality of encryption algorithms through its encryption control interface;
the thin client side calls an encryption unit to encrypt a message to be sent to the server side by using an encryption algorithm, and the encryption unit comprises:
and the thin client calls an encryption unit to encrypt the message to be sent to the server by using a corresponding encryption algorithm according to the selection instruction.
3. The communication method according to claim 1, wherein the thin client transmitting the encrypted message to the server using a remote desktop connection function comprises:
and the thin client sends the encrypted message to the server through a Remote Display Protocol (RDP) or a virtual network computing protocol (VNC).
4. A client device for remote desktop connection, the client device comprising a processing unit, a remote desktop connection unit, an encryption unit, wherein:
the processing unit is used for generating a message to be sent to the server side when the communication based on the remote desktop connection between the processing unit and the server side is carried out;
the encryption unit is configured with one or more encryption algorithms meeting specific requirements and used for encrypting the message to be sent to the server side by using the encryption algorithms;
the processing unit is further configured to call the remote desktop connection unit to send the encrypted message to the server by using a remote desktop connection function.
5. The client device of claim 4, wherein the encryption unit further comprises an encryption control unit configured to provide an encryption control interface and receive an indication of a user selection of one of the plurality of encryption algorithms via the encryption control interface;
the encrypting unit encrypting the message to be sent to the server side by using an encryption algorithm includes:
and the encryption unit encrypts the message to be sent to the server by using a corresponding encryption algorithm according to the selection instruction.
6. The client device according to claim 4, wherein the processing unit invokes the remote desktop connection unit to send the encrypted message to the server using a remote desktop connection function, and the method includes:
and the processing unit sends the encrypted message to the server side through a Remote Display Protocol (RDP) or a virtual network computing protocol (VNC).
7. The client device of claim 4, wherein:
the encryption unit is arranged inside the client device; or,
the encryption unit is arranged outside the client device and is independent from the client device, wherein the encryption unit is connected with the client device through a USB interface, a PCI interface or a PCI-E interface.
8. The client device of claim 7, wherein the encryption unit is disposed within the remote desktop connection unit.
9. The client device of claim 4, wherein the client device further comprises:
and the decryption unit is used for decrypting the received message from the server side, wherein the message from the server side is the message which is encrypted by the server side by using an encryption algorithm with specific requirements.
10. The client device of claim 4, wherein the client device further comprises:
and the decryption unit is used for decrypting the received message from the server side, wherein the message from the server side is the message which is encrypted by the server side by using one of a plurality of encryption algorithms with specific requirements.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210560180XA CN103036897A (en) | 2012-12-20 | 2012-12-20 | Communication method based on long distance desktop connection between thin client-side and server-side |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210560180XA CN103036897A (en) | 2012-12-20 | 2012-12-20 | Communication method based on long distance desktop connection between thin client-side and server-side |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103036897A true CN103036897A (en) | 2013-04-10 |
Family
ID=48023380
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210560180XA Pending CN103036897A (en) | 2012-12-20 | 2012-12-20 | Communication method based on long distance desktop connection between thin client-side and server-side |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103036897A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103384195A (en) * | 2013-07-04 | 2013-11-06 | 电子科技大学 | Isolation method based on XEN platform desktop protocol |
| CN103944890A (en) * | 2014-04-08 | 2014-07-23 | 山东乾云启创信息科技有限公司 | Virtual interaction system and method based on client/server mode |
| CN104156647A (en) * | 2014-08-12 | 2014-11-19 | 国家电网公司 | Thin terminal control method and device and thin terminal |
| CN109189542A (en) * | 2018-09-28 | 2019-01-11 | 成都安恒信息技术有限公司 | A kind of remote desktop access method for O&M auditing system |
| CN113660253A (en) * | 2021-08-12 | 2021-11-16 | 上海酷栈科技有限公司 | Terminal controller, method and system based on remote desktop protocol |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1426185A (en) * | 2001-12-13 | 2003-06-25 | 华为技术有限公司 | Method for realizing secrete communication by autonomously selecting enciphered algorithm |
| US20070244987A1 (en) * | 2006-04-12 | 2007-10-18 | Pedersen Bradley J | Systems and Methods for Accelerating Delivery of a Computing Environment to a Remote User |
| CN101964798A (en) * | 2010-10-15 | 2011-02-02 | 德讯科技股份有限公司 | Multi-graphic protocol unified proxy system based on remote desktop protocol |
| CN102215265A (en) * | 2011-06-14 | 2011-10-12 | 杭州思福迪信息技术有限公司 | System and method for realizing uniform management and monitoring of remote virtual desktop access |
| CN102523087A (en) * | 2011-12-14 | 2012-06-27 | 百度在线网络技术(北京)有限公司 | Method and equipment for carrying out encrypting treatment on self-execution network information |
| CN102571773A (en) * | 2011-12-27 | 2012-07-11 | 浙江省电力公司 | Information security comprehensive audit system and method |
-
2012
- 2012-12-20 CN CN201210560180XA patent/CN103036897A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1426185A (en) * | 2001-12-13 | 2003-06-25 | 华为技术有限公司 | Method for realizing secrete communication by autonomously selecting enciphered algorithm |
| US20070244987A1 (en) * | 2006-04-12 | 2007-10-18 | Pedersen Bradley J | Systems and Methods for Accelerating Delivery of a Computing Environment to a Remote User |
| CN101964798A (en) * | 2010-10-15 | 2011-02-02 | 德讯科技股份有限公司 | Multi-graphic protocol unified proxy system based on remote desktop protocol |
| CN102215265A (en) * | 2011-06-14 | 2011-10-12 | 杭州思福迪信息技术有限公司 | System and method for realizing uniform management and monitoring of remote virtual desktop access |
| CN102523087A (en) * | 2011-12-14 | 2012-06-27 | 百度在线网络技术(北京)有限公司 | Method and equipment for carrying out encrypting treatment on self-execution network information |
| CN102571773A (en) * | 2011-12-27 | 2012-07-11 | 浙江省电力公司 | Information security comprehensive audit system and method |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103384195A (en) * | 2013-07-04 | 2013-11-06 | 电子科技大学 | Isolation method based on XEN platform desktop protocol |
| CN103384195B (en) * | 2013-07-04 | 2016-08-10 | 电子科技大学 | A kind of partition method based on XEN platform desktop protocol |
| CN103944890A (en) * | 2014-04-08 | 2014-07-23 | 山东乾云启创信息科技有限公司 | Virtual interaction system and method based on client/server mode |
| CN103944890B (en) * | 2014-04-08 | 2017-03-08 | 山东乾云启创信息科技股份有限公司 | Virtual interaction system based on customer end/server mode and method |
| CN104156647A (en) * | 2014-08-12 | 2014-11-19 | 国家电网公司 | Thin terminal control method and device and thin terminal |
| CN104156647B (en) * | 2014-08-12 | 2017-02-15 | 国家电网公司 | Thin terminal control method and device and thin terminal |
| CN109189542A (en) * | 2018-09-28 | 2019-01-11 | 成都安恒信息技术有限公司 | A kind of remote desktop access method for O&M auditing system |
| CN109189542B (en) * | 2018-09-28 | 2021-10-15 | 成都安恒信息技术有限公司 | Remote desktop access method for operation and maintenance auditing system |
| CN113660253A (en) * | 2021-08-12 | 2021-11-16 | 上海酷栈科技有限公司 | Terminal controller, method and system based on remote desktop protocol |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111193695B (en) | Encryption method and device for third party account login and storage medium | |
| US20200084621A1 (en) | Wireless network connection method, apparatus, and system | |
| US20100064130A1 (en) | Secure host connection | |
| CN108964893B (en) | Key processing method, device, equipment and medium | |
| CN103036897A (en) | Communication method based on long distance desktop connection between thin client-side and server-side | |
| US9672367B2 (en) | Method and apparatus for inputting data | |
| CN112564887A (en) | Key protection processing method, device, equipment and storage medium | |
| CN112987942B (en) | Method, device and system for inputting information by keyboard, electronic equipment and storage medium | |
| CN106685897B (en) | Safe input method, device and system | |
| CN101431411A (en) | Dynamic encryption method for network game data | |
| CN113422832B (en) | File transmission method, device, equipment and storage medium | |
| CN113489706B (en) | Data processing method, device, system, equipment and storage medium | |
| CN102624892B (en) | A kind of method preventing plug-in client simulation HTTP request | |
| CN106712959A (en) | Implementation method and system of communication safety | |
| CN113630412A (en) | Resource downloading method, resource downloading device, electronic equipment and storage medium | |
| CN108848094B (en) | Data security verification method, device, system, computer equipment and storage medium | |
| CN103701589A (en) | Information transmission method and device based on virtual desktop system and relevant equipment | |
| CN116545676A (en) | Ciphertext processing method and device, electronic equipment and storage medium | |
| CN106708634B (en) | Communication method and system for VR application equipment and manufacturer equipment | |
| KR101657893B1 (en) | Encryption method for cloud service and cloud system providing encryption based on user equipment | |
| CN113676482B (en) | Data transmission system and method and data transmission system and method based on double-layer SSL | |
| CN111585748B (en) | Data transmission method and device | |
| CN113507363B (en) | Data processing method, device, electronic equipment and storage medium | |
| EP4250158A1 (en) | System and method for managing data-file transmission and access right to data files | |
| CN106330885A (en) | Cloud terminal system and method for enforcing security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130410 |